FormatFuzzer – A Framework For High-Efficiency, High-Quality Generation And Parsing Of Binary Inputs
FormatFuzzer is a framework for high-efficiency, high-quality generation and parsing of binary inputs. It takes a binary template that describes...
Tools
RottenPotatoNG – A C++ DLL And Standalone C++ Binary – No Need For Meterpreter Or Other Tools
New version of RottenPotato as a C++ DLL and standalone C++ binary - no need for meterpreter or other tools....
Private Set Membership (PSM) – Cryptographic Protocol That Allows Clients To Privately Query
Private Set Membership (PSM) is a cryptographic protocol that allows clients to privately query whether the client's identifier is a...
Ddosify – High-performance Load Testing Tool
FeaturesProtocol Agnostic - Currently supporting HTTP, HTTPS, HTTP/2. Other Note: If the request count is too low for the...
Koppeling – Adaptive DLL Hijacking / Dynamic Export Forwarding
This project is a demonstration of advanced DLL hijack techniques. It was released in conjunction with the "Adaptive DLL Hijacking"...
Kunyu – More Efficient Corporate Asset Collection
Kunyu, More Efficient Corporate Asset Collection 0x00 IntroduceTool introductionKunyu (kunyu), whose name is taken from , is actually a professional...
Hashdb-Ida – HashDB API Hash Lookup Plugin For IDA Pro
HashDB IDA PluginMalware string hash lookup Hash AlgorithmsClick Refresh Algorithms to pull a list of supported hash algorithms from...
Etl-Parser – Event Trace Log File Parser In Pure Python
Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log...
Smuggler – An HTTP Request Smuggling / Desync Testing Tool
An HTTP Request Smuggling / Desync testing tool written in Python 3 AcknowledgementsA special thanks to James Kettle for his...
Certipy – Python Implementation For Active Directory Certificate Abuse
Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the...
Tor-Rootkit – A Python 3 Standalone Windows 10 / Linux Rootkit Using Tor
A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get's established over the tor network.DisclaimerUse for educational...
PyRDP – RDP Monster-In-The-Middle (Mitm) And Library For Python With The Ability To Watch Connections Live Or After The Fact
PyRDP is a Python Supported SystemsPyRDP should work on Python 3.6 and up on the x86-64, ARM and ARM64 platforms....
Androidqf – (Android Quick Forensics) Helps Quickly Gathering Forensic Evidence From Android Devices, In Order To Identify Potential Traces Of Compromise
androidqf (Android Quick Forensics) is a portable tool to simplify the acquisition of relevant forensic data from Android devices. It...
LDAPmonitor – Monitor Creation, Deletion And Changes To LDAP Objects Live During Your Pentest Or System Administration!
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! With this tool you can...
TIWAP – Totally Insecure Web Application Project
TIWAP is a web security testing lab made using Flask for budding security enthusiasts to learn about various web vulnerabilities....
HandleKatz – PIC Lsass Dumper Using Cloned Handles
This tool was implemented as part of our Brucon2021 conference talk and demonstrates the usage of cloned handles to Lsass...
ADLab – Custom PowerShell Module To Setup An Active Directory Lab Environment To Practice Penetration Testing
The purpose of this module is to automate the deployment of an Active Directory lab for practicing internal penetration testing....
aDLL – Adventure of Dinamic Link Library
aDLL is a binary analysis tool focused on the automatic discovery of DLL Hijacking vulnerabilities. The tool analyzes the image...
Vimana – An Experimental Security Framework That Aims To Provide Resources For Auditing Python Web Applications
Vimana is a modular security framework designed to audit Python web applications.The base of the Vimana is composed of crawlers...
Melting-Cobalt – A Cobalt Strike Scanner That Retrieves Detected Team Server Beacons Into A JSON Object
A tool to hunt/mine for Cobalt Strike beacons and "reduce" their beacon configuration for later indexing. Hunts can either be...
Web-Hacking-Toolkit – A Multi-Platform Web Hacking Toolkit Docker Image With Graphical User Interface (GUI) Support
A multi-platform web hacking toolkit Docker image with Graphical User Interface (GUI) support.InstallationDockerPull the image from Docker Hub: docker pull...
PeTeReport – An Open-Source Application Vulnerability Reporting Tool
PeTeReport (PenTest Report) is an open-source application Sample ReportsPDF SampleHTML SampleMD SampleCSV SampleDownload Petereport If you like the site, please...
Dockerized-Android – A Container-Based Framework To Enable The Integration Of Mobile Components In Security Training Platforms
Dockerized Android is a container-based framework that allows to execute and Android Emulator inside Docker and control it through a...
GC2 – A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive
GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the...
